At similar major sites, like Microsoft Store, iTunes, etc. there are constant AV sweeps to remove & mitigate malware agents. Still brand new variants & working around these controls succeed. SANS ISC shares potential for any site to be infected
archive.org, also known as the “way back machine” is a very popular Internet site that allows you to travel back in time and browse old versions of a website (like the ISC website). It works like regular search engines and continuously crawls the internet via bots. But there is another way to store content on archive.org: You may create an account and upload some content by yourself. I found a piece of malicious Powershell that uses archive.org to download the next stage payload. It’s score on VT is only 5/58
That’s the wild Internet today: If you allow users to create an account and upload some data, chances are big that the feature will be (ab)used to host malicious content. Indeed, archive.org is a top domain and is usually not blocked or tagged as malicious.